nerdexam
CompTIA

CAS-003 · Question #509

Ann, a security administrator, is conducting an assessment on a new firewall, which was placed at the perimeter of a network containing PII. Ann runs the following commands on a server (10.0.1.19) beh

The correct answer is B. It is not blocking or filtering any traffic to the server.. The key insight is that Ann ran iptables commands on the server (10.0.1.19) itself - not on the firewall. The subsequent port scan from her external workstation (192.168.2.45) captures packets successfully reaching the server, meaning the firewall is transparently passing all tra

Enterprise Security Operations

Question

Ann, a security administrator, is conducting an assessment on a new firewall, which was placed at the perimeter of a network containing PII. Ann runs the following commands on a server (10.0.1.19) behind the firewall:

From her own workstation (192.168.2.45) outside the firewall, Ann then runs a port scan against the server and records the following packet capture of the port scan:

Connectivity to the server from outside the firewall worked as expected prior to executing these commands. Which of the following can be said about the new firewall?

Exhibit

CAS-003 question #509 exhibit

Options

  • AIt is correctly dropping all packets destined for the server.
  • BIt is not blocking or filtering any traffic to the server.
  • CIptables needs to be restarted.
  • DThe IDS functionality of the firewall is currently disabled.

How the community answered

(28 responses)
  • A
    21% (6)
  • B
    57% (16)
  • C
    7% (2)
  • D
    14% (4)

Explanation

The key insight is that Ann ran iptables commands on the server (10.0.1.19) itself - not on the firewall. The subsequent port scan from her external workstation (192.168.2.45) captures packets successfully reaching the server, meaning the firewall is transparently passing all traffic through. If the firewall were functioning as a perimeter security device, it should be filtering what reaches the server; instead, traffic flows unimpeded. The iptables rules Ann configured are host-based rules on the server, which is a separate concern from the firewall's behavior.

Topics

#firewall analysis#iptables#packet capture#traffic filtering

Community Discussion

No community discussion yet for this question.

Full CAS-003 Practice